A recent study commissioned by mobile security experts Check Point reveals the threats posed by the popularity of mobile devices, particularly in the workplace.
A recent published report titled 'The Impact of Mobile Devices on Information Security: A Survey of IT Professionals', revealed that 75 percent of businesses have had a "major security incident" in the past year resulting in "substantial costs" to the company. In some cases, the cost of these security incidents reached more than US$500,000.
The survey for Check Point Software Technologies included nearly 800 IT professionals from United States, Canada, United Kingdom, Germany, and Japan, and is the second study done on the topic. The IT professionals were asked about the impact of Bring Your Own Device (BYOD) to information security in the workplace.
The study revealed that BYOD is growing in popularity and this has been causing some problems to the companies. Ninety-three percent of respondents said mobile devices are allowed to connect to their corporate networks compared to only 89 percent in 2012.
Bring Your Own Device
The IT professionals themselves have noted the increase in popularity of BYOD. Ninety-six percent said they have seen an increase in the use of mobile devices connecting to corporate networks and this is a growing trend, across large, medium and small companies alike.
However, this trend is paying a hefty price. More than half (52 percent) of large businesses have had to deal with mobile security incidents, amounting to more than US$500,000 in the past year. For 45 percent of small and medium-sized business with less than 1,000 employees, mobile security incidents exceeded US$100,000 in the past year.
The IT professionals surveyed also noted that corporate information is not managed on mobile devices. Sixty-three percent of respondents said businesses do not manage corporate information on personal devices while 93 percent said they face challenges adopting BYOD policies.
There are many types of corporate information that are stored on mobile devices. Among these,
corporate email is the most common type of corporate information that has recently been available for access on mobile devices that connect to the corporate network. Other corporate information available on mobile devices include contact information of colleagues, customers and partners, corporate calendar, and customer data.
The study also included analyses of popular mobile devices and platforms. Among the mobile device platforms, Android was cited by 49 percent of businesses as the platform with greatest perceived security risk (up from 30 percent last year), compared to platforms for Apple, Windows Mobile, and Blackberry.
"Without question, the explosion of BYOD, mobile apps, and cloud services, has created a herculean task to protect corporate information for businesses both large and small," said Tomer Teller, security evangelist and researcher, Check Point Software Technologies. "An effective mobile security strategy will focus on protecting corporate information on the multitude of devices and implementing proper secure access controls to information and applications on the go. Equally important is educating employees about best practices as the majority of businesses are more concerned with careless employees than cyber criminals."
Sign up for CIO Asia eNewsletters.